A Stored Cross Site Scripting (XSS) vulnerability exists in Shopizer versions 2.0 through 2.17.0 via the “Manage Images” tab, which allows an attacker to upload a SVG file containing malicious JavaScript code.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Mend

Published: 2022-03-29T10:25:09.479179Z

Updated: 2024-09-16T23:10:36.059Z

Reserved: 2022-01-10T00:00:00

Link: CVE-2022-23059

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-03-29T11:15:07.503

Modified: 2024-11-21T06:47:54.347

Link: CVE-2022-23059

cve-icon Redhat

No data.